Agent: Modify ExploitTelem based on ExploiterResultData changes

2022-02-21 14:38:12 +05:30 · 2022-02-21 14:38:12 +05:30 · a9e000f100
parent 9f01aa0a0d
commit a9e000f100
5 changed files with 64 additions and 17 deletions
--- a/monkey/infection_monkey/exploit/HostExploiter.py
+++ b/monkey/infection_monkey/exploit/HostExploiter.py
@ -51,7 +51,7 @@ class HostExploiter:
    def send_exploit_telemetry(self, name: str, result: bool):
        from infection_monkey.telemetry.exploit_telem import ExploitTelem

-        ExploitTelem(
+        ExploitTelem(  # stale code
            name=name,
            host=self.host,
            result=result,
--- a/monkey/infection_monkey/master/exploiter.py
+++ b/monkey/infection_monkey/master/exploiter.py
@ -86,7 +86,7 @@ class Exploiter:
            exploiter_results = self._run_exploiter(exploiter_name, victim_host, stop)
            results_callback(exploiter_name, victim_host, exploiter_results)

-            if exploiter_name != "ZerologonExploiter" and exploiter_results.success:
+            if exploiter_results.propagation_success:
                break

    def _run_exploiter(
--- a/monkey/infection_monkey/master/mock_master.py
+++ b/monkey/infection_monkey/master/mock_master.py
@ -101,20 +101,44 @@ class MockMaster(IMaster):

    def _exploit(self):
        logger.info("Exploiting victims")
-        result, info, attempts, error_message = self._puppet.exploit_host(
-            "PowerShellExploiter", "10.0.0.1", {}, None
-        )
+        (
+            exploit_result,
+            propagation_result,
+            os,
+            info,
+            attempts,
+            error_message,
+        ) = self._puppet.exploit_host("PowerShellExploiter", "10.0.0.1", {}, None)
        logger.info(f"Attempts for exploiting {attempts}")
        self._telemetry_messenger.send_telemetry(
-            ExploitTelem("PowerShellExploiter", self._hosts["10.0.0.1"], result, info, attempts)
+            ExploitTelem(
+                "PowerShellExploiter",
+                self._hosts["10.0.0.1"],
+                exploit_result,
+                propagation_result,
+                info,
+                attempts,
+            )
        )

-        result, info, attempts, error_message = self._puppet.exploit_host(
-            "SSHExploiter", "10.0.0.3", {}, None
-        )
+        (
+            exploit_result,
+            propagation_result,
+            os,
+            info,
+            attempts,
+            error_message,
+        ) = self._puppet.exploit_host("SSHExploiter", "10.0.0.3", {}, None)
        logger.info(f"Attempts for exploiting {attempts}")
        self._telemetry_messenger.send_telemetry(
-            ExploitTelem("SSHExploiter", self._hosts["10.0.0.3"], result, info, attempts)
+            ExploitTelem(
+                "SSHExploiter",
+                self._hosts["10.0.0.3"],
+                exploit_result,
+                propagation_result,
+                info,
+                attempts,
+            )
        )
        logger.info("Finished exploiting victims")

--- a/monkey/infection_monkey/master/propagator.py
+++ b/monkey/infection_monkey/master/propagator.py
@ -153,13 +153,25 @@ class Propagator:
    def _process_exploit_attempts(
        self, exploiter_name: str, host: VictimHost, result: ExploiterResultData
    ):
-        if result.success:
+        if result.propagation_success:
            logger.info(f"Successfully propagated to {host} using {exploiter_name}")
+        elif result.exploit_success:
+            logger.info(
+                f"Successfully exploited (but did not propagate to) {host} using {exploiter_name}"
+            )
        else:
            logger.info(
-                f"Failed to propagate to {host} using {exploiter_name}: {result.error_message}"
+                f"Failed to exploit or propagate to {host} using {exploiter_name}: "
+                f"{result.error_message}"
            )

        self._telemetry_messenger.send_telemetry(
-            ExploitTelem(exploiter_name, host, result.success, result.info, result.attempts)
+            ExploitTelem(
+                exploiter_name,
+                host,
+                result.exploit_success,
+                result.propagation_success,
+                result.info,
+                result.attempts,
+            )
        )
--- a/monkey/infection_monkey/telemetry/exploit_telem.py
+++ b/monkey/infection_monkey/telemetry/exploit_telem.py
@ -6,12 +6,21 @@ from infection_monkey.telemetry.base_telem import BaseTelem


 class ExploitTelem(BaseTelem):
-    def __init__(self, name: str, host: VictimHost, result: bool, info: Dict, attempts: List):
+    def __init__(
+        self,
+        name: str,
+        host: VictimHost,
+        exploit_result: bool,
+        propagation_result: bool,
+        info: Dict,
+        attempts: List,
+    ):
        """
        Default exploit telemetry constructor
        :param name: The name of exploiter used
        :param host: The host machine
-        :param result: The result from the 'exploit_host' method
+        :param exploit_result: The result of exploitation from the 'exploit_host' method
+        :param propagation_result: The result of propagation from the 'exploit_host' method
        :param info: Information about the exploiter
        :param attempts: Information about the exploiter's attempts
        """
@ -19,7 +28,8 @@ class ExploitTelem(BaseTelem):

        self.name = name
        self.host = host.__dict__
-        self.result = result
+        self.exploit_result = exploit_result
+        self.propagation_result = propagation_result
        self.info = info
        self.attempts = attempts

@ -27,7 +37,8 @@ class ExploitTelem(BaseTelem):

    def get_data(self) -> Dict:
        return {
-            "result": self.result,
+            "exploit_result": self.exploit_result,
+            "propagation_result": self.propagation_result,
            "machine": self.host,
            "exploiter": self.name,
            "info": self.info,